In this video we explore the revised MSFWeb interface for the Metasploit Framework 3.0. We specifically take a look at running auxiliary modules against a server running MSSQL, and then we'll take a look at using the MSFweb GUI to run the idq exploit with the meterpreter payload. What is unique about the idq bug is that it will NOT give you administrator or system on the box, but you can use the rev2self command in meterpreter to elevate your privileges from IUSR_MACHINENAME to SYSTEM. While we're at it, we also dump the hashes using hashdump for a little extra fun.

Editor's Note: Check your volume as the music may be a little loud. Chris is a wee bit of a headbanger! An "alternative" headbanger, but a headbanger nonetheless.

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.